Intel Reveals a Serious New Chip Security Flaw

Over a year after the Meltdown and Spectre security flaws ravaged the PC industry, Intel has revealed a new, even more serious set of vulnerabilities.

The new flaws are called Microarchitectural Data Sampling, or MDS, and while the processor giant and the security researchers who discovered them have never seen exploits in the wild, they’ve been able to create exploits of their own as a proof of concept.

Though the Intel chipsets released this year include a fix for the flaws, they impact every Intel microprocessor released since 2011, so previous versions will need to be patched. Those patches are already available, but some, depending on the chipset, could slow performance by as much as 19 percent. Worse, the fixes for older chipsets don’t completely mitigate the problems.

The security researchers who worked with Intel have released their own information about the flaws as well, and each has created sample exploits to demonstrate the issues. One group has named their exploits RIDL and Fallout.

“The RIDL and Fallout speculative execution attacks allow attackers to leak confidential data across arbitrary security boundaries on a victim system, for instance compromising data held in the cloud or leaking your information to malicious websites,” notes a new website created by one team of security researchers who notified Intel about the problems. “Our attacks leak data by exploiting the newly disclosed Microarchitectural Data Sampling (or MDS) side-channel vulnerabilities in Intel CPUs. Unlike existing attacks, our attacks can leak arbitrary in-flight data from CPU-internal buffers (Line Fill Buffers, Load Ports, Store Buffers), including data never stored in CPU caches. We show that existing defenses against speculative execution attacks are inadequate, and in some cases actually make things worse. Attackers can use our attacks to obtain sensitive data despite mitigations, due to vulnerabilities deep inside Intel CPUs.”

A second group has created an exploit called ZombieLoad.

“The ZombieLoad attack allows stealing sensitive data and keys while the computer accesses them,” the ZombieLoad website notes. “While programs normally only see their own data, a malicious program can exploit the fill buffers to get hold of secrets currently processed by other running programs. These secrets can be user-level secrets, such as browser history, website content, user keys, and passwords, or system-level secrets, such as disk encryption keys. The attack does not only work on personal computers but can also be exploited in the cloud.”

Amazon, Apple, Google, Microsoft, and Mozilla have all claimed to have issued fixes for the flaws.

“We’re aware of this industry-wide issue and have been working closely with affected chip manufacturers to develop and test mitigations to protect our customers,” a Microsoft statement reads. “We are working to deploy mitigations to cloud services and release security updates to protect Windows customers against vulnerabilities affecting supported hardware chips.”

The RIDL and Fallout researchers have created a tool that will show you (in Windows or Linux) if your PC is vulnerable. But the reality is that you are vulnerable if you’re using an Intel chipset.
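
On Linux, kernels that carry the MDS patches also report their mitigation state in sysfs, which shows whether a fix is complete or only partial. The following is an added example, not code from this article or from the researchers' tool; it classifies that status line, and the sample lines are constructed from the kernel's documented value format.

```python
from pathlib import Path

# Real sysfs file on Linux kernels that include the MDS patches.
MDS_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/mds")


def parse_mds_status(line):
    """Classify the kernel's one-line MDS status string."""
    parts = [p.strip() for p in line.strip().split(";")]
    head = parts[0]
    smt = next((p for p in parts[1:] if p.startswith("SMT")), None)
    if head == "Not affected":
        verdict = "not_affected"
    elif head.startswith("Mitigation:"):
        # Buffer clearing is active, but a sibling hyperthread can still
        # sample the shared buffers unless SMT is off or reported mitigated.
        exposed = smt in ("SMT vulnerable", "SMT Host state unknown")
        verdict = "partial" if exposed else "mitigated"
    elif head.startswith("Vulnerable"):
        verdict = "vulnerable"
    else:
        verdict = "unknown"
    return {"verdict": verdict, "state": head, "smt": smt}


def read_mds_status(path=MDS_SYSFS):
    """Return the parsed status, or None if the kernel does not report it."""
    try:
        return parse_mds_status(Path(path).read_text())
    except OSError:
        return None


# Constructed sample lines, following the kernel's documented value format.
SAMPLES = [
    "Not affected",
    "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable",
    "Mitigation: Clear CPU buffers; SMT vulnerable",
    "Mitigation: Clear CPU buffers; SMT disabled",
    "Mitigation: Clear CPU buffers; SMT Host state unknown",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{parse_mds_status(s)['verdict']:<13} {s}")
    print("this host:", read_mds_status())
```

A `None` result from `read_mds_status()` means the file is absent, which on Linux indicates a kernel that predates the MDS patches.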

Conversation 17 comments

  • MikeGalos

    14 May, 2019 - 7:39 pm

    Nice to see both the latest Intel chips already have this fixed and the latest Windows patch already has a fix in place for those without the 9 series processors.

  • Otto Gunter

    14 May, 2019 - 8:45 pm

    Certainly the new Intel chipsets do not have these flaws, but are we secure in believing that they do not introduce new, as yet undiscovered, vulnerabilities themselves?

    • lvthunder

      Premium Member
      15 May, 2019 - 12:32 am

      In reply to Otto_Gunter:

      No. But then are you secure in any chip that there aren't new, as yet undiscovered, vulnerabilities? I'm not. All these chips are designed by people and people aren't perfect.

  • longhorn

    14 May, 2019 - 8:57 pm

    I wonder if AMD is equally impacted or if it's just Intel taking design shortcuts that impact security. It's good these flaws come to the surface. Sometimes I have the feeling that "security" is just used as a means to convince people to accept things. These security vulnerabilities in hardware are very real however.

    • ChristopherCollins

      Premium Member
      14 May, 2019 - 10:26 pm

      In reply to longhorn:

      I feel like so much of chip design has always been speed, which was followed by power consumption. Much smarter people out there now and they are finding vulnerabilities. This will of course impact future chip designs which have now taken a turn towards security, power, then speed. A reversal of sorts.

    • lvthunder

      Premium Member
      15 May, 2019 - 12:34 am

      In reply to longhorn:

      It would be my guess that AMD would not be affected unless they copied Intel's code. I just think the security people are banging on Intel's chips more than AMD's.

      • Greg Green

        15 May, 2019 - 9:10 am

        In reply to lvthunder:

        Intel has over 80% of the laptop and desktop markets, and over 95% of the server market. As Willie Sutton said, That’s where the money is.

        I’m guessing this affects server chips also.

  • endoftheroad

    14 May, 2019 - 11:17 pm

    No doubt people will ARM themselves against these kinds of attacks. In the long run would it help?

  • VMax

    Premium Member
    15 May, 2019 - 2:06 am

    > Intel has revealed a new, even more serious set of vulnerabilities.

    I'm not sure that's a fair assessment. Peter Bright's article at Ars Technica has a good explanation of the issue.

  • BBoileau

    Premium Member
    15 May, 2019 - 7:52 am

    “the reality is that you are vulnerable if you’re using an Intel chipset”

    Wow. Might as well say, if you're computing on anything non-mobile you're likely to be impacted.

    • jimchamplin

      Premium Member
      15 May, 2019 - 4:14 pm

      In reply to BBoileau:

      Mobile CPUs also utilize out of order and speculative execution. Similar exploits could exist for them as well.

  • BeckoningEagle

    Premium Member
    15 May, 2019 - 8:13 am

    I find it problematic that patching these vulnerabilities results in loss of performance. In a datacenter usually people size it 30% to 50% higher to account for growth, but after patching for Meltdown, Spectre and now this one, that growth is severely impacted.

    I see a class action coming soon.

    • lvthunder

      Premium Member
      15 May, 2019 - 10:36 am

      In reply to BeckoningEagle:

      Intel only gives you the hardware specs. They don't give you a performance spec. So while I can see a lawsuit coming I hope Intel prevails.

  • rm

    15 May, 2019 - 9:43 am

    So, this time Google was not involved by publicly leaking the exploits and the result is, there are patches available before hackers can try to steal information. I am sure it took months to get everything patched by all companies involved. How refreshing!

  • igor engelen

    15 May, 2019 - 2:06 pm

    If you want to enable full protection on your Mac you can have performance loss of 40%

    Luckily this isn't really necessary for most people

    https://www.idownloadblog.com/2019/05/14/intel-chip-vulnerability-zombie-load-macos-mojave-10-14-5-fix/

    • ivarh

      Premium Member
      16 May, 2019 - 8:28 am

      In reply to Igor Engelen:

      When you disable multithreading (necessary for full mitigation) you will get a hit like that. The hit would be the same on any OS that supports multithreading and runs an affected CPU.

  • red.radar

    Premium Member
    16 May, 2019 - 8:26 am

    Reading the papers, it would appear this is a bigger deal for cloud computing companies than general consumer.

    Cloud companies are bigger targets and when you run these exploits you're more likely to get something valuable. Looks like the point of these exploits is to get access to the keys that secure the cloud. Not target a singular user

    I would like to know if AMD hardware is more secure by design or just hasn’t received the scrutiny it deserves.

Thurrott © 2024 Thurrott LLC